projects / civicrm-core.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
5.16.0 release notes: add boilerplate
[civicrm-core.git] / CRM / Utils / Rule.php
CommitLineData
6a488035
TO		 1<?php
2/*
3 +--------------------------------------------------------------------+
fee14197 4 | CiviCRM version 5 |
6a488035 5 +--------------------------------------------------------------------+
6b83d5bd 6 | Copyright CiviCRM LLC (c) 2004-2019 |
6a488035
TO		 7 +--------------------------------------------------------------------+
8 | This file is a part of CiviCRM. |
9 | |
10 | CiviCRM is free software; you can copy, modify, and distribute it |
11 | under the terms of the GNU Affero General Public License |
12 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
13 | |
14 | CiviCRM is distributed in the hope that it will be useful, but |
15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
17 | See the GNU Affero General Public License for more details. |
18 | |
19 | You should have received a copy of the GNU Affero General Public |
20 | License and the CiviCRM Licensing Exception along |
21 | with this program; if not, contact CiviCRM LLC |
22 | at info[AT]civicrm[DOT]org. If you have questions about the |
23 | GNU Affero General Public License or the licensing of CiviCRM, |
24 | see the CiviCRM license FAQ at http://civicrm.org/licensing |
25 +--------------------------------------------------------------------+
d25dd0ee 26 */
6a488035
TO		 27
28/**
29 *
30 * @package CRM
6b83d5bd 31 * @copyright CiviCRM LLC (c) 2004-2019
6a488035
TO		 32 */
33
34require_once 'HTML/QuickForm/Rule/Email.php';
f942c321 35
5bc392e6
EM		 36/**
37 * Class CRM_Utils_Rule
38 */
6a488035
TO		 39class CRM_Utils_Rule {
40
5bc392e6
EM		 41 /**
42 * @param $str
43 * @param int $maxLength
44 *
45 * @return bool
46 */
00be9182 47 public static function title($str, $maxLength = 127) {
6a488035
TO		 48
49 // check length etc
50 if (empty($str) || strlen($str) > $maxLength) {
51 return FALSE;
52 }
53
54 // Make sure it include valid characters, alpha numeric and underscores
55 if (!preg_match('/^\w[\w\s\'\&\,\$\#\-\.\"\?\!]+$/i', $str)) {
56 return FALSE;
57 }
58
59 return TRUE;
60 }
61
5bc392e6
EM		 62 /**
63 * @param $str
64 *
65 * @return bool
66 */
00be9182 67 public static function longTitle($str) {
6a488035
TO		 68 return self::title($str, 255);
69 }
70
5bc392e6
EM		 71 /**
72 * @param $str
73 *
74 * @return bool
75 */
00be9182 76 public static function variable($str) {
6a488035
TO		 77 // check length etc
78 if (empty($str) || strlen($str) > 31) {
79 return FALSE;
80 }
81
50bfb460 82 // make sure it includes valid characters, alpha numeric and underscores
6a488035
TO		 83 if (!preg_match('/^[\w]+$/i', $str)) {
84 return FALSE;
85 }
86
87 return TRUE;
88 }
89
00f11506 90 /**
a33b83c5 91 * Validate that a string is a valid MySQL column name or alias.
b794b580 92 *
00f11506
MM		 93 * @param $str
94 *
95 * @return bool
96 */
a33b83c5 97 public static function mysqlColumnNameOrAlias($str) {
10ed14b0
MM		 98 // Check not empty.
99 if (empty($str)) {
00f11506
MM		 100 return FALSE;
101 }
102
7cec4a9a
CB		 103 // Ensure $str conforms to expected format. Not a complete expression of
104 // what MySQL permits; this should permit the formats CiviCRM generates.
105 //
106 // * Table name prefix is optional.
107 // * Table & column names & aliases:
108 // * Composed of alphanumeric chars, underscore and hyphens.
109 // * Maximum length of 64 chars.
110 // * Optionally surrounded by backticks, in which case spaces also OK.
38c9ed00 111 if (!preg_match('/^((`[-\w ]{1,64}`|[-\w]{1,64})\.)?(`[-\w ]{1,64}`|[-\w]{1,64})$/i', $str)) {
00f11506
MM		 112 return FALSE;
113 }
114
115 return TRUE;
116 }
117
118 /**
b794b580
CB		 119 * Validate that a string is ASC or DESC.
120 *
121 * Empty string should be treated as invalid and ignored => default = ASC.
00f11506 122 *
b794b580 123 * @param $str
00f11506
MM		 124 * @return bool
125 */
b794b580 126 public static function mysqlOrderByDirection($str) {
00f11506
MM		 127 if (!preg_match('/^(asc|desc)$/i', $str)) {
128 return FALSE;
129 }
130
131 return TRUE;
132 }
133
0fa4baf0
MM		 134 /**
135 * Validate that a string is valid order by clause.
136 *
137 * @param $str
138 * @return bool
139 */
140 public static function mysqlOrderBy($str) {
be2fb01f 141 $matches = [];
9d5c7f14 142 // Using the field function in order by is valid.
143 // Look for a string like field(contribution_status_id,3,4,6).
144 // or field(civicrm_contribution.contribution_status_id,3,4,6)
145 if (preg_match('/field\([a-z_.]+,[0-9,]+\)/', $str, $matches)) {
146 // We have checked these. Remove them as they will fail the next lot.
147 // Our check currently only permits numbers & no back ticks. If we get a
148 // need for strings or backticks we can add.
149 $str = str_replace($matches, '', $str);
150 }
151 $str = trim($str);
152 if (!empty($matches) && empty($str)) {
153 // nothing left to check after the field check.
154 return TRUE;
155 }
0fa4baf0
MM		 156 // Making a regex for a comma separated list is quite hard and not readable
157 // at all, so we split and loop over.
158 $parts = explode(',', $str);
159 foreach ($parts as $part) {
a99e69c2 160 if (!preg_match('/^((`[\w-]{1,64}`|[\w-]{1,64})\.)*(`[\w-]{1,64}`|[\w-]{1,64})( (asc|desc))?$/i', trim($part))) {
0fa4baf0
MM		 161 return FALSE;
162 }
163 }
164
165 return TRUE;
166 }
167
5bc392e6
EM		 168 /**
169 * @param $str
170 *
171 * @return bool
172 */
00be9182 173 public static function qfVariable($str) {
6a488035
TO		 174 // check length etc
175 //if ( empty( $str ) || strlen( $str ) > 31 ) {
176 if (strlen(trim($str)) == 0 || strlen($str) > 31) {
177 return FALSE;
178 }
179
50bfb460 180 // make sure it includes valid characters, alpha numeric and underscores
6a488035
TO		 181 // added (. and ,) option (CRM-1336)
182 if (!preg_match('/^[\w\s\.\,]+$/i', $str)) {
183 return FALSE;
184 }
185
186 return TRUE;
187 }
188
5bc392e6
EM		 189 /**
190 * @param $phone
191 *
192 * @return bool
193 */
00be9182 194 public static function phone($phone) {
6a488035
TO		 195 // check length etc
196 if (empty($phone) || strlen($phone) > 16) {
197 return FALSE;
198 }
199
50bfb460 200 // make sure it includes valid characters, (, \s and numeric
6a488035
TO		 201 if (preg_match('/^[\d\(\)\-\.\s]+$/', $phone)) {
202 return TRUE;
203 }
204 return FALSE;
205 }
206
5bc392e6
EM		 207 /**
208 * @param $query
209 *
210 * @return bool
211 */
00be9182 212 public static function query($query) {
6a488035
TO		 213 // check length etc
214 if (empty($query) || strlen($query) < 3 || strlen($query) > 127) {
215 return FALSE;
216 }
217
50bfb460 218 // make sure it includes valid characters, alpha numeric and underscores
6a488035
TO		 219 if (!preg_match('/^[\w\s\%\'\&\,\$\#]+$/i', $query)) {
220 return FALSE;
221 }
222
223 return TRUE;
224 }
225
5bc392e6
EM		 226 /**
227 * @param $url
228 *
229 * @return bool
230 */
00be9182 231 public static function url($url) {
c7cd4e2c 232 if (!$url) {
233 // If this is required then that should be checked elsewhere - here we are not assuming it is required.
234 return TRUE;
235 }
1136a401 236 if (preg_match('/^\//', $url)) {
237 // allow relative URL's (CRM-15598)
238 $url = 'http://' . $_SERVER['HTTP_HOST'] . $url;
239 }
6a488035
TO		 240 return (bool) filter_var($url, FILTER_VALIDATE_URL);
241 }
242
d9d7e7dd
TO		 243 /**
244 * @param $url
245 *
246 * @return bool
247 */
248 public static function urlish($url) {
249 if (empty($url)) {
250 return TRUE;
251 }
e3d28c74 252 $url = Civi::paths()->getUrl($url, 'absolute');
d9d7e7dd
TO		 253 return (bool) filter_var($url, FILTER_VALIDATE_URL);
254 }
255
5bc392e6
EM		 256 /**
257 * @param $string
258 *
259 * @return bool
260 */
00be9182 261 public static function wikiURL($string) {
6a488035
TO		 262 $items = explode(' ', trim($string), 2);
263 return self::url($items[0]);
264 }
265
5bc392e6
EM		 266 /**
267 * @param $domain
268 *
269 * @return bool
270 */
00be9182 271 public static function domain($domain) {
6a488035
TO		 272 // not perfect, but better than the previous one; see CRM-1502
273 if (!preg_match('/^[A-Za-z0-9]([A-Za-z0-9\.\-]*[A-Za-z0-9])?$/', $domain)) {
274 return FALSE;
275 }
276 return TRUE;
277 }
278
5bc392e6
EM		 279 /**
280 * @param $value
281 * @param null $default
282 *
283 * @return null
284 */
00be9182 285 public static function date($value, $default = NULL) {
6a488035
TO		 286 if (is_string($value) &&
287 preg_match('/^\d\d\d\d-?\d\d-?\d\d$/', $value)
288 ) {
289 return $value;
290 }
291 return $default;
292 }
293
5bc392e6
EM		 294 /**
295 * @param $value
296 * @param null $default
297 *
298 * @return null|string
299 */
00be9182 300 public static function dateTime($value, $default = NULL) {
6a488035
TO		 301 $result = $default;
302 if (is_string($value) &&
303 preg_match('/^\d\d\d\d-?\d\d-?\d\d(\s\d\d:\d\d(:\d\d)?|\d\d\d\d(\d\d)?)?$/', $value)
304 ) {
305 $result = $value;
306 }
307
308 return $result;
309 }
310
311 /**
100fef9d 312 * Check the validity of the date (in qf format)
6a488035
TO		 313 * note that only a year is valid, or a mon-year is
314 * also valid in addition to day-mon-year. The date
315 * specified has to be beyond today. (i.e today or later)
316 *
317 * @param array $date
77855840
TO		 318 * @param bool $monthRequired
319 * Check whether month is mandatory.
6a488035 320 *
a6c01b45
CW		 321 * @return bool
322 * true if valid date
6a488035 323 */
00be9182 324 public static function currentDate($date, $monthRequired = TRUE) {
6a488035
TO		 325 $config = CRM_Core_Config::singleton();
326
327 $d = CRM_Utils_Array::value('d', $date);
328 $m = CRM_Utils_Array::value('M', $date);
329 $y = CRM_Utils_Array::value('Y', $date);
330
331 if (!$d && !$m && !$y) {
332 return TRUE;
333 }
334
335 // CRM-9017 CiviContribute/CiviMember form with expiration date format 'm Y'
8cc574cf 336 if (!$m && !empty($date['m'])) {
6a488035
TO		 337 $m = CRM_Utils_Array::value('m', $date);
338 }
339
340 $day = $mon = 1;
341 $year = 0;
342 if ($d) {
343 $day = $d;
344 }
345 if ($m) {
346 $mon = $m;
347 }
348 if ($y) {
349 $year = $y;
350 }
351
352 // if we have day we need mon, and if we have mon we need year
353 if (($d && !$m) ||
354 ($d && !$y) ||
355 ($m && !$y)
356 ) {
357 return FALSE;
358 }
359
360 $result = FALSE;
361 if (!empty($day) || !empty($mon) || !empty($year)) {
362 $result = checkdate($mon, $day, $year);
363 }
364
365 if (!$result) {
366 return FALSE;
367 }
368
369 // ensure we have month if required
370 if ($monthRequired && !$m) {
371 return FALSE;
372 }
373
374 // now make sure this date is greater that today
375 $currentDate = getdate();
376 if ($year > $currentDate['year']) {
377 return TRUE;
378 }
379 elseif ($year < $currentDate['year']) {
380 return FALSE;
381 }
382
383 if ($m) {
384 if ($mon > $currentDate['mon']) {
385 return TRUE;
386 }
387 elseif ($mon < $currentDate['mon']) {
388 return FALSE;
389 }
390 }
391
392 if ($d) {
393 if ($day > $currentDate['mday']) {
394 return TRUE;
395 }
396 elseif ($day < $currentDate['mday']) {
397 return FALSE;
398 }
399 }
400
401 return TRUE;
402 }
403
404 /**
100fef9d 405 * Check the validity of a date or datetime (timestamp)
6a488035
TO		 406 * value which is in YYYYMMDD or YYYYMMDDHHMMSS format
407 *
408 * Uses PHP checkdate() - params are ( int $month, int $day, int $year )
409 *
410 * @param string $date
411 *
a6c01b45
CW		 412 * @return bool
413 * true if valid date
6a488035 414 */
00be9182 415 public static function mysqlDate($date) {
6a488035
TO		 416 // allow date to be null
417 if ($date == NULL) {
418 return TRUE;
419 }
420
421 if (checkdate(substr($date, 4, 2), substr($date, 6, 2), substr($date, 0, 4))) {
422 return TRUE;
423 }
424
425 return FALSE;
426 }
427
5bc392e6
EM		 428 /**
429 * @param $value
430 *
431 * @return bool
432 */
00be9182 433 public static function integer($value) {
6a488035
TO		 434 if (is_int($value)) {
435 return TRUE;
436 }
437
f942c321
DL		 438 // CRM-13460
439 // ensure number passed is always a string numeral
440 if (!is_numeric($value)) {
441 return FALSE;
442 }
443
444 // note that is_int matches only integer type
445 // and not strings which are only integers
446 // hence we do this here
447 if (preg_match('/^\d+$/', $value)) {
448 return TRUE;
449 }
450
451 if ($value < 0) {
6a488035
TO		 452 $negValue = -1 * $value;
453 if (is_int($negValue)) {
454 return TRUE;
455 }
456 }
457
6a488035
TO		 458 return FALSE;
459 }
460
5bc392e6
EM		 461 /**
462 * @param $value
463 *
464 * @return bool
465 */
00be9182 466 public static function positiveInteger($value) {
6a488035
TO		 467 if (is_int($value)) {
468 return ($value < 0) ? FALSE : TRUE;
469 }
470
f942c321
DL		 471 // CRM-13460
472 // ensure number passed is always a string numeral
473 if (!is_numeric($value)) {
474 return FALSE;
475 }
476
477 if (preg_match('/^\d+$/', $value)) {
6a488035
TO		 478 return TRUE;
479 }
480
481 return FALSE;
482 }
483
fe61faf3
CW		 484 /**
485 * @param $value
486 *
487 * @return bool
488 */
489 public static function commaSeparatedIntegers($value) {
490 foreach (explode(',', $value) as $val) {
62d7cac4
SL		 491 // Remove any Whitespace around the key.
492 $val = trim($val);
fe61faf3
CW		 493 if (!self::positiveInteger($val)) {
494 return FALSE;
495 }
496 }
497 return TRUE;
498 }
499
5bc392e6
EM		 500 /**
501 * @param $value
502 *
503 * @return bool
504 */
00be9182 505 public static function numeric($value) {
f942c321
DL		 506 // lets use a php gatekeeper to ensure this is numeric
507 if (!is_numeric($value)) {
508 return FALSE;
509 }
510
6a488035
TO		 511 return preg_match('/(^-?\d\d*\.\d*$)|(^-?\d\d*$)|(^-?\.\d\d*$)/', $value) ? TRUE : FALSE;
512 }
513
d22982f3
SM		 514 /**
515 * Test whether $value is alphanumeric.
516 *
517 * Underscores and dashes are also allowed!
518 *
519 * This is the type of string you could expect to see in URL parameters
520 * like `?mode=live` vs `?mode=test`. This function exists so that we can be
521 * strict about what we accept for such values, thus mitigating against
522 * potential security issues.
523 *
524 * @see \CRM_Utils_RuleTest::alphanumericData
525 * for examples of vales that give TRUE/FALSE here
526 *
527 * @param $value
528 *
529 * @return bool
530 */
531 public static function alphanumeric($value) {
532 return preg_match('/^[a-zA-Z0-9_-]*$/', $value) ? TRUE : FALSE;
533 }
534
5bc392e6
EM		 535 /**
536 * @param $value
537 * @param $noOfDigit
538 *
539 * @return bool
540 */
00be9182 541 public static function numberOfDigit($value, $noOfDigit) {
6a488035
TO		 542 return preg_match('/^\d{' . $noOfDigit . '}$/', $value) ? TRUE : FALSE;
543 }
544
8a52ae34
CW		 545 /**
546 * Strict validation of 6-digit hex color notation per html5 <input type="color">
547 *
548 * @param $value
549 * @return bool
550 */
551 public static function color($value) {
552 return (bool) preg_match('/^#([\da-fA-F]{6})$/', $value);
553 }
554
5bc392e6 555 /**
83644f47 556 * Strip thousand separator from a money string.
557 *
558 * Note that this should be done at the form layer. Once we are processing
559 * money at the BAO or processor layer we should be working with something that
560 * is already in a normalised format.
561 *
562 * @param string $value
5bc392e6 563 *
83644f47 564 * @return string
5bc392e6 565 */
00be9182 566 public static function cleanMoney($value) {
6a488035 567 // first remove all white space
be2fb01f 568 $value = str_replace([' ', "\t", "\n"], '', $value);
6a488035
TO		 569
570 $config = CRM_Core_Config::singleton();
571
e7292422 572 //CRM-14868
ef88f444 573 $currencySymbols = CRM_Core_PseudoConstant::get(
353ffa53 574 'CRM_Contribute_DAO_Contribution',
be2fb01f 575 'currency', [
353ffa53
TO		 576 'keyColumn' => 'name',
577 'labelColumn' => 'symbol',
be2fb01f 578 ]
e70a7fc0 579 );
e7292422 580 $value = str_replace($currencySymbols, '', $value);
ef88f444 581
6a488035
TO		 582 if ($config->monetaryThousandSeparator) {
583 $mon_thousands_sep = $config->monetaryThousandSeparator;
584 }
585 else {
586 $mon_thousands_sep = ',';
587 }
588
589 // ugly fix for CRM-6391: do not drop the thousand separator if
590 // it looks like it’s separating decimal part (because a given
591 // value undergoes a second cleanMoney() call, for example)
b81f42da 592 // CRM-15835 - in case the amount/value contains 0 after decimal
593 // eg 150.5 the following if condition will pass
594 if ($mon_thousands_sep != '.' or (substr($value, -3, 1) != '.' && substr($value, -2, 1) != '.')) {
6a488035
TO		 595 $value = str_replace($mon_thousands_sep, '', $value);
596 }
597
598 if ($config->monetaryDecimalPoint) {
599 $mon_decimal_point = $config->monetaryDecimalPoint;
600 }
601 else {
602 $mon_decimal_point = '.';
603 }
604 $value = str_replace($mon_decimal_point, '.', $value);
605
606 return $value;
607 }
608
5bc392e6
EM		 609 /**
610 * @param $value
611 *
612 * @return bool
613 */
00be9182 614 public static function money($value) {
6a488035
TO		 615 $config = CRM_Core_Config::singleton();
616
50bfb460
SB		 617 // only edge case when we have a decimal point in the input money
618 // field and not defined in the decimal Point in config settings
6a488035
TO		 619 if ($config->monetaryDecimalPoint &&
620 $config->monetaryDecimalPoint != '.' &&
50bfb460 621 // CRM-7122 also check for Thousands Separator in config settings
6a488035
TO		 622 $config->monetaryThousandSeparator != '.' &&
623 substr_count($value, '.')
624 ) {
625 return FALSE;
626 }
627
628 $value = self::cleanMoney($value);
629
630 if (self::integer($value)) {
631 return TRUE;
632 }
633
ce18e8d1
MW		 634 // Allow values such as -0, 1.024555, -.1
635 // We need to support multiple decimal places here, not just the number allowed by locale
636 // otherwise tax calculations break when you want the inclusive amount to be a round number (eg. £10 inc. VAT requires 8.333333333 here).
637 return preg_match('/(^-?\d+\.?\d*$)|(^-?\.\d+$)/', $value) ? TRUE : FALSE;
6a488035
TO		 638 }
639
5bc392e6
EM		 640 /**
641 * @param $value
642 * @param int $maxLength
643 *
644 * @return bool
645 */
00be9182 646 public static function string($value, $maxLength = 0) {
6a488035
TO		 647 if (is_string($value) &&
648 ($maxLength === 0 || strlen($value) <= $maxLength)
649 ) {
650 return TRUE;
651 }
652 return FALSE;
653 }
654
5bc392e6
EM		 655 /**
656 * @param $value
657 *
658 * @return bool
659 */
00be9182 660 public static function boolean($value) {
6a488035
TO		 661 return preg_match(
662 '/(^(1|0)$)|(^(Y(es)?|N(o)?)$)|(^(T(rue)?|F(alse)?)$)/i', $value
663 ) ? TRUE : FALSE;
664 }
665
5bc392e6
EM		 666 /**
667 * @param $value
668 *
669 * @return bool
670 */
00be9182 671 public static function email($value) {
6a488035
TO		 672 return (bool) filter_var($value, FILTER_VALIDATE_EMAIL);
673 }
674
5bc392e6
EM		 675 /**
676 * @param $list
677 *
678 * @return bool
679 */
00be9182 680 public static function emailList($list) {
6a488035
TO		 681 $emails = explode(',', $list);
682 foreach ($emails as $email) {
683 $email = trim($email);
684 if (!self::email($email)) {
685 return FALSE;
686 }
687 }
688 return TRUE;
689 }
690
5bc392e6 691 /**
4f1f1f2a
CW		 692 * allow between 4-6 digits as postal code since india needs 6 and US needs 5 (or
693 * if u disregard the first 0, 4 (thanx excel!)
694 * FIXME: we need to figure out how to localize such rules
5bc392e6
EM		 695 * @param $value
696 *
697 * @return bool
698 */
00be9182 699 public static function postalCode($value) {
6a488035
TO		 700 if (preg_match('/^\d{4,6}(-\d{4})?$/', $value)) {
701 return TRUE;
702 }
703 return FALSE;
704 }
705
706 /**
100fef9d 707 * See how file rules are written in HTML/QuickForm/file.php
6a488035
TO		 708 * Checks to make sure the uploaded file is ascii
709 *
ea3ddccf 710 * @param string $elementValue
711 *
a6c01b45 712 * @return bool
ea3ddccf 713 * True if file has been uploaded, false otherwise
6a488035 714 */
00be9182 715 public static function asciiFile($elementValue) {
6a488035
TO		 716 if ((isset($elementValue['error']) && $elementValue['error'] == 0) ||
717 (!empty($elementValue['tmp_name']) && $elementValue['tmp_name'] != 'none')
718 ) {
719 return CRM_Utils_File::isAscii($elementValue['tmp_name']);
720 }
721 return FALSE;
722 }
723
724 /**
725 * Checks to make sure the uploaded file is in UTF-8, recodes if it's not
726 *
ea3ddccf 727 * @param array $elementValue
728 *
a6c01b45 729 * @return bool
ea3ddccf 730 * Whether file has been uploaded properly and is now in UTF-8.
6a488035 731 */
00be9182 732 public static function utf8File($elementValue) {
6a488035
TO		 733 $success = FALSE;
734
735 if ((isset($elementValue['error']) && $elementValue['error'] == 0) ||
736 (!empty($elementValue['tmp_name']) && $elementValue['tmp_name'] != 'none')
737 ) {
738
739 $success = CRM_Utils_File::isAscii($elementValue['tmp_name']);
740
741 // if it's a file, but not UTF-8, let's try and recode it
742 // and then make sure it's an UTF-8 file in the end
743 if (!$success) {
744 $success = CRM_Utils_File::toUtf8($elementValue['tmp_name']);
745 if ($success) {
746 $success = CRM_Utils_File::isAscii($elementValue['tmp_name']);
747 }
748 }
749 }
750 return $success;
751 }
752
753 /**
100fef9d 754 * See how file rules are written in HTML/QuickForm/file.php
6a488035
TO		 755 * Checks to make sure the uploaded file is html
756 *
ea3ddccf 757 * @param array $elementValue
758 *
a6c01b45 759 * @return bool
ea3ddccf 760 * True if file has been uploaded, false otherwise
6a488035 761 */
00be9182 762 public static function htmlFile($elementValue) {
6a488035
TO		 763 if ((isset($elementValue['error']) && $elementValue['error'] == 0) ||
764 (!empty($elementValue['tmp_name']) && $elementValue['tmp_name'] != 'none')
765 ) {
766 return CRM_Utils_File::isHtmlFile($elementValue['tmp_name']);
767 }
768 return FALSE;
769 }
770
771 /**
fe482240 772 * Check if there is a record with the same name in the db.
6a488035 773 *
77855840
TO		 774 * @param string $value
775 * The value of the field we are checking.
776 * @param array $options
35b63106 777 * The daoName, fieldName (optional) and DomainID (optional).
6a488035 778 *
408b79bf 779 * @return bool
a6c01b45 780 * true if object exists
6a488035 781 */
00be9182 782 public static function objectExists($value, $options) {
6a488035
TO		 783 $name = 'name';
784 if (isset($options[2])) {
785 $name = $options[2];
786 }
787
35b63106 788 return CRM_Core_DAO::objectExists($value, CRM_Utils_Array::value(0, $options), CRM_Utils_Array::value(1, $options), CRM_Utils_Array::value(2, $options, $name), CRM_Utils_Array::value(3, $options));
6a488035
TO		 789 }
790
5bc392e6
EM		 791 /**
792 * @param $value
793 * @param $options
794 *
795 * @return bool
796 */
00be9182 797 public static function optionExists($value, $options) {
e6101f17 798 return CRM_Core_OptionValue::optionExists($value, $options[0], $options[1], $options[2], CRM_Utils_Array::value(3, $options, 'name'), CRM_Utils_Array::value(4, $options, FALSE));
6a488035
TO		 799 }
800
5bc392e6
EM		 801 /**
802 * @param $value
803 * @param $type
804 *
805 * @return bool
806 */
00be9182 807 public static function creditCardNumber($value, $type) {
6a488035
TO		 808 return Validate_Finance_CreditCard::number($value, $type);
809 }
810
5bc392e6
EM		 811 /**
812 * @param $value
813 * @param $type
814 *
815 * @return bool
816 */
00be9182 817 public static function cvv($value, $type) {
6a488035
TO		 818 return Validate_Finance_CreditCard::cvv($value, $type);
819 }
820
5bc392e6
EM		 821 /**
822 * @param $value
823 *
824 * @return bool
825 */
00be9182 826 public static function currencyCode($value) {
6a488035
TO		 827 static $currencyCodes = NULL;
828 if (!$currencyCodes) {
829 $currencyCodes = CRM_Core_PseudoConstant::currencyCode();
830 }
831 if (in_array($value, $currencyCodes)) {
832 return TRUE;
833 }
834 return FALSE;
835 }
836
5bc392e6
EM		 837 /**
838 * @param $value
839 *
840 * @return bool
841 */
00be9182 842 public static function xssString($value) {
6a488035
TO		 843 if (is_string($value)) {
844 return preg_match('!<(vb)?script[^>]*>.*</(vb)?script.*>!ims',
845 $value
846 ) ? FALSE : TRUE;
847 }
848 else {
849 return TRUE;
850 }
851 }
852
88251439 853 /**
854 * Validate json string for xss
855 *
856 * @param string $value
857 *
858 * @return bool
859 * False if invalid, true if valid / safe.
860 */
861 public static function json($value) {
862 if (!self::xssString($value)) {
863 return FALSE;
864 }
865 $array = json_decode($value, TRUE);
866 if (!$array || !is_array($array)) {
867 return FALSE;
868 }
869 return self::arrayValue($array);
870 }
871
5bc392e6
EM		 872 /**
873 * @param $path
874 *
875 * @return bool
876 */
00be9182 877 public static function fileExists($path) {
6a488035
TO		 878 return file_exists($path);
879 }
880
d9d7e7dd
TO		 881 /**
882 * Determine whether the value contains a valid reference to a directory.
883 *
884 * Paths stored in the setting system may be absolute -- or may be
885 * relative to the default data directory.
886 *
887 * @param string $path
888 * @return bool
889 */
890 public static function settingPath($path) {
e3d28c74 891 return is_dir(Civi::paths()->getPath($path));
d9d7e7dd
TO		 892 }
893
5bc392e6
EM		 894 /**
895 * @param $value
896 * @param null $actualElementValue
897 *
898 * @return bool
899 */
00be9182 900 public static function validContact($value, $actualElementValue = NULL) {
6a488035
TO		 901 if ($actualElementValue) {
902 $value = $actualElementValue;
903 }
904
258570f7 905 return CRM_Utils_Rule::positiveInteger($value);
6a488035
TO		 906 }
907
908 /**
100fef9d 909 * Check the validity of the date (in qf format)
6a488035
TO		 910 * note that only a year is valid, or a mon-year is
911 * also valid in addition to day-mon-year
912 *
913 * @param array $date
914 *
a6c01b45
CW		 915 * @return bool
916 * true if valid date
6a488035 917 */
00be9182 918 public static function qfDate($date) {
6a488035
TO		 919 $config = CRM_Core_Config::singleton();
920
921 $d = CRM_Utils_Array::value('d', $date);
922 $m = CRM_Utils_Array::value('M', $date);
923 $y = CRM_Utils_Array::value('Y', $date);
924 if (isset($date['h']) ||
925 isset($date['g'])
926 ) {
927 $m = CRM_Utils_Array::value('M', $date);
928 }
929
930 if (!$d && !$m && !$y) {
931 return TRUE;
932 }
933
934 $day = $mon = 1;
935 $year = 0;
936 if ($d) {
937 $day = $d;
938 }
939 if ($m) {
940 $mon = $m;
941 }
942 if ($y) {
943 $year = $y;
944 }
945
946 // if we have day we need mon, and if we have mon we need year
947 if (($d && !$m) ||
948 ($d && !$y) ||
949 ($m && !$y)
950 ) {
951 return FALSE;
952 }
953
954 if (!empty($day) || !empty($mon) || !empty($year)) {
955 return checkdate($mon, $day, $year);
956 }
957 return FALSE;
958 }
959
5bc392e6
EM		 960 /**
961 * @param $key
962 *
963 * @return bool
964 */
00be9182 965 public static function qfKey($key) {
6a488035
TO		 966 return ($key) ? CRM_Core_Key::valid($key) : FALSE;
967 }
96025800 968
79326ee2
SB		 969 /**
970 * Check if the values in the date range are in correct chronological order.
971 *
972 * @param array $fields
973 * Fields of the form.
974 * @param $fieldName
975 * Name of date range field.
976 * @param $errors
977 * The error array.
978 * @param $title
979 * Title of the date range to be displayed in the error message.
980 */
981 public static function validDateRange($fields, $fieldName, &$errors, $title) {
982 $lowDate = strtotime($fields[$fieldName . '_low']);
983 $highDate = strtotime($fields[$fieldName . '_high']);
984
985 if ($lowDate > $highDate) {
be2fb01f 986 $errors[$fieldName . '_range_error'] = ts('%1: Please check that your date range is in correct chronological order.', [1 => $title]);
79326ee2
SB		 987 }
988 }
989
5df85a46
SL		 990 /**
991 * @param string $key Extension Key to check
992 * @return bool
993 */
9e1d9d01 994 public static function checkExtensionKeyIsValid($key = NULL) {
5df85a46
SL		 995 if (!empty($key) && !preg_match('/^[0-9a-zA-Z._-]+$/', $key)) {
996 return FALSE;
997 }
998 return TRUE;
999 }
1000
88251439 1001 /**
1002 * Validate array recursively checking keys and values.
1003 *
1004 * @param array $array
1005 * @return bool
1006 */
1007 protected static function arrayValue($array) {
1008 foreach ($array as $key => $item) {
1009 if (is_array($item)) {
1010 if (!self::xssString($key) || !self::arrayValue($item)) {
1011 return FALSE;
1012 }
1013 }
1014 if (!self::xssString($key) || !self::xssString($item)) {
1015 return FALSE;
1016 }
1017 }
1018 return TRUE;
1019 }
1020
6a488035 1021}